Over 8 million Android users have been affected by malware known as SpyLoan, found in a dozen malicious loan apps on the Google Play Store.
These apps have been designed to trick users into providing sensitive information, leading to extortion, harassment, and financial loss.
The infected apps claim to offer quick loans with minimal requirements, targeting users in countries including Mexico, Colombia, Thailand, Indonesia, and Peru.
Despite some apps attempting to comply with Google Play policies, many remain available for download.
SpyLoan apps use social engineering tactics to gain trust and request intrusive permissions, such as access to contacts, call logs, camera, and SMS messages, which are later exfiltrated to a remote server.
These apps also collect personal and financial data, which can be used to coerce users into paying loans with high interest rates or intimidating them with stolen photos.
This isn’t the first time SpyLoan has been active; previous reports have highlighted similar scams dating back to 2020. Users are advised to be cautious about app permissions, reviews, and developers to avoid falling victim to such scams.
